public/tt-rss
1
0
Fork 0
mirror of https://git.tt-rss.org/git/tt-rss.git synced 2025-12-13 17:05:56 +00:00
Code Issues Releases Wiki Activity

Feeds: load quickaddfeed and search dialogs via XHR w/ CSRF protection

Browse Source
This commit is contained in:
Andrew Dolgov
2020-09-15 16:28:09 +03:00
parent 8080c525fd
commit cbcb10a272
3 changed files with 129 additions and 122 deletions
Download Patch File Download Diff File Expand all files Collapse all files

184
js/CommonDialogs.js
View File

@@ -75,116 +75,120 @@ const CommonDialogs = {
return false;
},
quickAddFeed: function() {
const query = "backend.php?op=feeds&method=quickAddFeed";
// overlapping widgets
if (dijit.byId("batchSubDlg")) dijit.byId("batchSubDlg").destroyRecursive();
if (dijit.byId("feedAddDlg")) dijit.byId("feedAddDlg").destroyRecursive();
const dialog = new dijit.Dialog({
id: "feedAddDlg",
title: __("Subscribe to Feed"),
style: "width: 600px",
show_error: function (msg) {
const elem = $("fadd_error_message");
xhrPost("backend.php",
{op: "feeds", method: "quickAddFeed"},
(transport) => {
elem.innerHTML = msg;
const dialog = new dijit.Dialog({
id: "feedAddDlg",
title: __("Subscribe to Feed"),
style: "width: 600px",
content: transport.responseText,
show_error: function (msg) {
const elem = $("fadd_error_message");
if (!Element.visible(elem))
new Effect.Appear(elem);
elem.innerHTML = msg;
},
execute: function () {
if (this.validate()) {
console.log(dojo.objectToQuery(this.attr('value')));
if (!Element.visible(elem))
new Effect.Appear(elem);
const feed_url = this.attr('value').feed;
},
execute: function () {
if (this.validate()) {
console.log(dojo.objectToQuery(this.attr('value')));
Element.show("feed_add_spinner");
Element.hide("fadd_error_message");
const feed_url = this.attr('value').feed;
xhrPost("backend.php", this.attr('value'), (transport) => {
try {
Element.show("feed_add_spinner");
Element.hide("fadd_error_message");
let reply;
xhrPost("backend.php", this.attr('value'), (transport) => {
try {
try {
reply = JSON.parse(transport.responseText);
} catch (e) {
Element.hide("feed_add_spinner");
alert(__("Failed to parse output. This can indicate server timeout and/or network issues. Backend output was logged to browser console."));
console.log('quickAddFeed, backend returned:' + transport.responseText);
return;
}
let reply;
const rc = reply['result'];
Notify.close();
Element.hide("feed_add_spinner");
console.log(rc);
switch (parseInt(rc['code'])) {
case 1:
dialog.hide();
Notify.info(__("Subscribed to %s").replace("%s", feed_url));
if (App.isPrefs())
dijit.byId("feedTree").reload();
else
Feeds.reload();
break;
case 2:
dialog.show_error(__("Specified URL seems to be invalid."));
break;
case 3:
dialog.show_error(__("Specified URL doesn't seem to contain any feeds."));
break;
case 4:
{
const feeds = rc['feeds'];
Element.show("fadd_multiple_notify");
const select = dijit.byId("feedDlg_feedContainerSelect");
while (select.getOptions().length > 0)
select.removeOption(0);
select.addOption({value: '', label: __("Expand to select feed")});
for (const feedUrl in feeds) {
if (feeds.hasOwnProperty(feedUrl)) {
select.addOption({value: feedUrl, label: feeds[feedUrl]});
}
try {
reply = JSON.parse(transport.responseText);
} catch (e) {
Element.hide("feed_add_spinner");
alert(__("Failed to parse output. This can indicate server timeout and/or network issues. Backend output was logged to browser console."));
console.log('quickAddFeed, backend returned:' + transport.responseText);
return;
}
Effect.Appear('feedDlg_feedsContainer', {duration: 0.5});
const rc = reply['result'];
Notify.close();
Element.hide("feed_add_spinner");
console.log(rc);
switch (parseInt(rc['code'])) {
case 1:
dialog.hide();
Notify.info(__("Subscribed to %s").replace("%s", feed_url));
if (App.isPrefs())
dijit.byId("feedTree").reload();
else
Feeds.reload();
break;
case 2:
dialog.show_error(__("Specified URL seems to be invalid."));
break;
case 3:
dialog.show_error(__("Specified URL doesn't seem to contain any feeds."));
break;
case 4:
{
const feeds = rc['feeds'];
Element.show("fadd_multiple_notify");
const select = dijit.byId("feedDlg_feedContainerSelect");
while (select.getOptions().length > 0)
select.removeOption(0);
select.addOption({value: '', label: __("Expand to select feed")});
for (const feedUrl in feeds) {
if (feeds.hasOwnProperty(feedUrl)) {
select.addOption({value: feedUrl, label: feeds[feedUrl]});
}
}
Effect.Appear('feedDlg_feedsContainer', {duration: 0.5});
}
break;
case 5:
dialog.show_error(__("Couldn't download the specified URL: %s").replace("%s", rc['message']));
break;
case 6:
dialog.show_error(__("XML validation failed: %s").replace("%s", rc['message']));
break;
case 0:
dialog.show_error(__("You are already subscribed to this feed."));
break;
}
} catch (e) {
console.error(transport.responseText);
App.Error.report(e);
}
break;
case 5:
dialog.show_error(__("Couldn't download the specified URL: %s").replace("%s", rc['message']));
break;
case 6:
dialog.show_error(__("XML validation failed: %s").replace("%s", rc['message']));
break;
case 0:
dialog.show_error(__("You are already subscribed to this feed."));
break;
});
}
} catch (e) {
console.error(transport.responseText);
App.Error.report(e);
}
},
});
}
},
href: query
});
dialog.show();
dialog.show();
});
},
showFeedsWithErrors: function() {
const query = {op: "pref-feeds", method: "feedsWithErrors"};